As a Cloud Security & Compliance Lead, you will be responsible for designing, implementing, and managing the security of infrastructure and services hosted through AWS (Amazon Web Services). You will be working with a growing IT team that emphasizes agility and efficiency and implement end to end automation, adopt secure DevOps operation techniques and lead security & compliance program.
- Design, implement, and manage new cloud security technologies on AWS.
- Guide DevOps and ProdOps teams to design & architect secure cloud infrastructure for monolith and microservice applications.
- Maintain security posture and limit risk exposure by adopting cloud native/third party cloud security solutions and remediate infrastructure vulnerabilities by using a variety of security tools.
- Lead PCI DSS and ISO-27001 certifications activities including assessments, evidence collections, audits etc.
- Work closely with ProdOps team to monitor and manage the hosted infrastructure.
- Work closely with CISO function for risk assessment, security due diligence, security incident analysis and forensic investigations etc.
- Conduct cloud security assessment of existing infrastructure and application setup on AWS.
- Conduct technical research to stay abreast with latest security trends and research new cloud solutions strategy
- Bachelor of Engineering (BE/B.Tech).
- Minimum 7 years’ experience with 3+ years of hands-on technical experience in solution design of cloud environment and security systems.
- Experience in configuring and monitoring systems and applications security in cloud environments.
- Experience in creating cloud solutions in security technologies including Security Information and Event Management (SIEM), Network Security, Cloud Security, Firewalls, Intrusion Detection / Prevention, DDoS Protection, Patch Management, Data Loss Protection, Application Security and Identity and Access Management.
- Experience with AWS security services like WAF, GuardDuty, Config, Inspector etc.
- Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing such as GDPR, ISO 27001, ISO 27017, PCI DSS and NIST 800-53.
- Detailed knowledge of sustainable and risk-based security cloud controls.
- CCSP, CCSK or equivalent cloud security certification is preferred.
We are an international team, with members located in offices across the world but who share learnings and support and encourage each other, overcoming any challenges that distance and even different time zones may throw up.
Our goodies for you
• Competitive salary dependent on experience
• Internal incentive program
• Anniversary bonus
• Annual Team Outing and regular Team events